Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/nd3GhfLFkJ9IOb-EwtQkmGZ8a_g.roa
File: nd3GhfLFkJ9IOb-EwtQkmGZ8a_g.roa (raw, json)
Hash identifier: bO2Ex/xuP8Cin2KidKj6QYTaI8XLx+M5cqO/rpV6X8A=
Subject key identifier: 9D:DD:C6:85:F2:C5:90:9F:48:39:BF:84:C2:D4:24:98:66:7C:6B:F8
Certificate issuer: /CN=37518d180923a7f3c00653ec12bc702b95aab907
Certificate serial: 018CC348A7BCDF4C8121B46F7F06FDF11020
Authority key identifier: 37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/nd3GhfLFkJ9IOb-EwtQkmGZ8a_g.roa
Signing time: Mon 01 Jan 2024 04:29:27 +0000
ROA not before: Mon 01 Jan 2024 04:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24614
IP address blocks: 193.140.252.0/23 maxlen: 23
194.27.188.0/22 maxlen: 22
194.27.196.0/22 maxlen: 22
193.255.252.0/22 maxlen: 22
194.27.238.0/23 maxlen: 23
194.27.240.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/N1GNGAkjp_PABlPsErxwK5WquQc.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/N1GNGAkjp_PABlPsErxwK5WquQc.mft
rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:a7:bc:df:4c:81:21:b4:6f:7f:06:fd:f1:10:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37518d180923a7f3c00653ec12bc702b95aab907
Validity
Not Before: Jan 1 04:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9dddc685f2c5909f4839bf84c2d42498667c6bf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a6:e3:c9:4c:7e:5e:a4:80:de:c7:ef:4c:14:
12:84:b6:48:37:db:7d:e3:55:ca:2c:25:7a:7f:2b:
26:79:b3:d0:59:33:b1:fe:ff:7f:93:ce:e7:c1:8d:
c1:8b:bd:35:39:93:dd:92:4f:59:54:47:77:92:c1:
6f:ac:70:0c:72:56:09:f6:1b:ca:9f:db:e8:4d:d1:
2e:58:fa:52:df:d0:cd:a5:6d:86:a9:d7:85:41:d2:
6b:51:64:37:36:6f:92:8d:b6:bf:e4:fe:49:4b:18:
89:72:a5:8d:78:44:33:6c:57:47:d5:5e:3a:e6:ab:
0f:c1:7a:0f:59:23:17:08:ee:43:b1:59:a5:6e:fd:
3f:a0:6c:73:60:9a:a7:05:0b:80:69:c9:b4:69:37:
a9:7c:d7:d3:ee:e8:3f:e7:16:c4:ff:4e:b2:c9:40:
2d:a2:a1:f3:83:ca:d7:ad:e4:d7:ed:28:e6:35:54:
09:2f:33:89:2f:c5:ad:bc:17:52:bb:7a:02:9a:b3:
2b:8d:5d:2c:9d:4a:b1:97:42:85:e4:8f:45:f3:50:
08:ab:9b:72:65:31:f4:4d:ae:9c:00:bb:33:00:59:
dc:11:87:c4:c8:8d:67:3c:a5:67:29:3d:84:f9:d9:
f9:99:3b:07:a0:83:2f:b4:53:a3:6a:ac:b3:27:c4:
fa:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:DD:C6:85:F2:C5:90:9F:48:39:BF:84:C2:D4:24:98:66:7C:6B:F8
X509v3 Authority Key Identifier:
keyid:37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/nd3GhfLFkJ9IOb-EwtQkmGZ8a_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/N1GNGAkjp_PABlPsErxwK5WquQc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.140.252.0/23
193.255.252.0/22
194.27.188.0/22
194.27.196.0/22
194.27.238.0-194.27.255.255
Signature Algorithm: sha256WithRSAEncryption
8e:e9:f7:23:bd:37:d3:74:91:40:fb:cf:3b:16:03:62:6c:3a:
a9:7c:19:a9:4a:c3:d5:33:31:c6:51:fe:7d:4b:03:52:45:6d:
32:a0:78:f8:52:c2:fe:71:3c:83:58:9f:f4:fb:74:34:21:9d:
63:0f:9d:e2:c1:58:bf:cd:bd:d6:03:c8:70:47:b0:ae:3a:61:
6c:c8:ef:0d:35:6e:2e:3f:7b:37:3a:32:43:2a:42:d7:ce:be:
2b:f7:64:9b:01:1b:ba:d9:92:18:a8:c6:af:06:f7:5d:7f:71:
01:cb:c2:b8:64:f4:8c:da:9f:ee:f2:bb:60:5d:17:de:38:8a:
e1:2d:95:d1:80:a6:e8:4f:ff:26:f3:c6:65:ad:31:e7:b8:d8:
a1:ef:f2:7c:2a:46:e2:5b:d1:99:f6:a8:94:cf:23:79:46:a6:
c3:bd:06:db:b8:ce:0d:ba:cf:4f:46:d8:38:c6:28:a0:23:dc:
d6:cc:9f:74:2e:af:df:ef:e2:bb:9b:5a:d2:4a:d8:d7:28:8a:
76:9a:0c:17:da:a1:50:e9:7b:e3:d0:49:93:51:d7:aa:dc:ab:
fa:a3:40:a1:99:97:0b:b7:3c:c4:36:e7:14:ad:cd:74:3a:af:
14:da:0d:e3:9f:92:dd:b7:d3:6d:6e:89:12:dd:de:26:59:67:
22:bc:1b:07
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYzDSKe830yBIbRvfwb98RAgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NTE4ZDE4MDkyM2E3ZjNjMDA2NTNlYzEyYmM3MDJiOTVh
YWI5MDcwHhcNMjQwMTAxMDQyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGRkYzY4NWYyYzU5MDlmNDgzOWJmODRjMmQ0MjQ5ODY2N2M2YmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKbjyUx+XqSA3sfvTBQShLZIN9t9
41XKLCV6fysmebPQWTOx/v9/k87nwY3Bi701OZPdkk9ZVEd3ksFvrHAMclYJ9hvK
n9voTdEuWPpS39DNpW2GqdeFQdJrUWQ3Nm+Sjba/5P5JSxiJcqWNeEQzbFdH1V46
5qsPwXoPWSMXCO5DsVmlbv0/oGxzYJqnBQuAacm0aTepfNfT7ug/5xbE/06yyUAt
oqHzg8rXreTX7SjmNVQJLzOJL8WtvBdSu3oCmrMrjV0snUqxl0KF5I9F81AIq5ty
ZTH0Ta6cALszAFncEYfEyI1nPKVnKT2E+dn5mTsHoIMvtFOjaqyzJ8T6RQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFJ3dxoXyxZCfSDm/hMLUJJhmfGv4MB8GA1UdIwQY
MBaAFDdRjRgJI6fzwAZT7BK8cCuVqrkHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjFHTkdBa2pwX1BBQmxQc0VyeHdLNVdxdVFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9mODBlZjMtOWYwYi00YmQxLTgwMTgt
NTk2NzE5MjBmYjYwLzEvbmQzR2hmTEZrSjlJT2ItRXd0UWttR1o4YV9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9mODBlZjMtOWYwYi00YmQxLTgwMTgtNTk2NzE5MjBmYjYw
LzEvTjFHTkdBa2pwX1BBQmxQc0VyeHdLNVdxdVFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTArBAIAATAlAwQBwYz8AwQC
wf/8AwQCwhu8AwQCwhvEMAsDBAHCG+4DAwLCGDANBgkqhkiG9w0BAQsFAAOCAQEA
jun3I70303SRQPvPOxYDYmw6qXwZqUrD1TMxxlH+fUsDUkVtMqB4+FLC/nE8g1if
9Pt0NCGdYw+d4sFYv8291gPIcEewrjphbMjvDTVuLj97NzoyQypC186+K/dkmwEb
utmSGKjGrwb3XX9xAcvCuGT0jNqf7vK7YF0X3jiK4S2V0YCm6E//JvPGZa0x57jY
oe/yfCpG4lvRmfaolM8jeUamw70G27jODbrPT0bYOMYooCPc1syfdC6v3+/iu5ta
0krY1yiKdpoMF9qhUOl749BJk1HXqtyr+qNAoZmXC7c8xDbnFK3NdDqvFNoN45+S
3bfTbW6JEt3eJllnIrwbBw==
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:52:41 2024 by rpki-client on console-fra.rpki-client.org